<? 
	require("required/dbconnect.php");
	
	
	if(isset($_POST['tranID']))
	{
		require("required/function.php"); 
		require("required/share_function.php");
		$title="Payment Result";
		require("required/header.php");
		
		
		
		   
		 //------ below don't change ---------------  
		 $tranID     =$_POST['tranID']; 
		 $orderid    =$_POST['orderid']; 
		 $status     =$_POST['status']; 
		 $domain    =$_POST['domain']; 
		 $amount    =$_POST['amount']; 
		 $currency  =$_POST['currency']; 
		 $appcode   =$_POST['appcode']; 
		 $tranid   =$_POST['tranID'];  
		 $paydate   =$_POST['paydate']; 
		 $skey       =$_POST['skey']; 
		 $channel       =$_POST['channel']; 
		   
		 // All undeclared variables below are coming from POST method 
		 $get_info=mysql_query("select * from os_contactinfo where id=1");
		 $i=mysql_fetch_array($get_info,MYSQL_ASSOC);
		 
		 $vkey=$i['cc_verifykey'];
		 		
		 $key0 = md5( $tranID.$orderid.$status.$domain.$amount.$currency ); 
		 $key1 = md5( $paydate.$domain.$key0.$appcode.$vkey ); 
		 if( $skey != $key1 ) $status= -1; // invalid transaction 
		 //------------------------------------------- 
		  
?>
<table width="100%">
	<td align="left" width="100%">
	
	<table width="100%">
		
		<td align="right">
			<table id="Table_01"  height="45" border="0" cellpadding="0" cellspacing="0">
				<tr>
					<td width="13" rowspan="3" align="right">
						<img src="images/product_title_01.jpg" width="13" height="45" alt=""></td>
					<td width="263" height="10" style="background:url('images/product_title_02.jpg');background-repeat:repeat-x"></td>
					<td width="28" rowspan="3" align="left">
						<img src="images/product_title_03.jpg" width="11" height="45" alt=""></td>
				</tr>
				<tr>
					<td background="images/product_title_04.jpg" height="26">
						Current position <img src="images/arrow.gif"> <font style="font-size:12px;font-weight:bolder"><?= $mainpage ?></font> <img src="images/arrow.gif"> <font style="font-size:12px;font-weight:bolder">Payment Result</font> 
					</td>
				</tr>
				<tr>
					<td style="background:url('images/product_title_05.jpg');background-repeat:repeat-x" height="9"></td>
				</tr>
		  </table>
		
		</td>						
	</table>
	</td>
	
	<tr>
		<Td height="400" valign="top" >
			<table width="60%" align="center" class="success">
				<td colspan="2">
				<?
				
				 If ( $status == "00" ){ 
				 	$get_bill = mysql_query("select * from os_bill_details where invoice_number='$orderid'");
					 
					$b=mysql_fetch_array($get_bill,MYSQL_ASSOC);
					$id=$b['id']; 
					
					
					$chk=mysql_query("select * from os_ccrecord where tran_id='$tranID' and  order_id='$orderid'");
					
					if(mysql_num_rows($chk)==0)
					{
						$insert_cc=mysql_query("insert into os_ccrecord(bill_amount,bill_id,order_id,app_code,tran_id,domain,return_status,currency,payment_date,channel,skey,create_datetime)
									values('$amount',$id,'$orderid','$appcode','$tranID','$domain','$status','$currency','$paydate','$channel','$skey',now())");
				 		
						$update_bill=mysql_query("update os_bill_details set status=10,cc_status=1 where id=$id");
						
						
						$get_items=mysql_query("select a.id,a.item_id,a.quantity,b.pid from os_bill_items a inner join os_product_inventory b on a.item_id = b.id where a.bid=$id");
			
						while($i=mysql_fetch_array($get_items,MYSQL_ASSOC))
						{
							$item_id=$i['item_id'];
							$total_deduct=$i['quantity'];
							$pid=$i['pid'];
							updateInventory($item_id,$total_deduct,$id,$pid);
						}
						
						
						
						
					
					}
					
				?>
				<div class="dw_success">Your order has been successfully paid!</div>
				<br>
				<table width="100%">
					<tr>
						<td width="43%" class="title" colspan="3">Payment Info</td>
					</tr>
					<tr>
						<td>Invoice Number</td><td width="2%">:</td><td width="55%"><?= $orderid ?></td>
					</tr>
					<tr>
						<td>Transaction Id</td><td>:</td><td><?= $tranID ?></td>
					</tr>
					<tr>
						<td>Amount Paid</td><td>:</td><td><?= $currency ?> <?= $amount ?></td>
					</tr>
					<tr>
						<td>Transaction Date &amp; Time</td><td>:</td><Td><?= $paydate ?></Td>
					</tr>
				
				</table>
				<?
				 	 }else{
					 
					 $get_bill = mysql_query("select * from os_bill_details where invoice_number='$orderid'");
					 
					 $b=mysql_fetch_array($get_bill,MYSQL_ASSOC);
					 $id=$b['id'];
					$get_info=mysql_query("select * from os_contactinfo where id=1");
					
					$i=mysql_fetch_array($get_info,MYSQL_ASSOC);
					$cc_gatewayurl=$i['cc_gatewayurl'];
					$cc_verifykey=$i['cc_verifykey'];
					$cc_username=$i['cc_username'];
					$cc_returnurl=$i['cc_returnurl'];
					
					$logo_url=$i['logo_url'];
					$os_url=$i['website'];
					$get_currency=mysql_query("select currency_code from os_currency where is_main=1")or die(mysql_error());
					$currency_code=mysql_result($get_currency,0,"currency_code");
					
					
					$shipping=number_format($b['transport_fees'],2);
					$invoice_number=$b['invoice_number'];
					
					$update=mysql_query("update os_bill_details set status=-3,paymethod=2 where id=$id");
					$description='Payment for Joeykidz.com';
					$vcode=md5($b['total_amount'].$cc_username.$b['invoice_number'].$cc_verifykey);
					$url=$cc_gatewayurl;
					$url.="amount=".$b['total_amount'];
					$url.="&orderid=".urlencode($invoice_number);
					$url.="&bill_name=".urlencode($b['receiver_name']);
					$url.="&bill_email=".urlencode($b['email']);
					$url.="&bill_mobile=".urlencode($b['contact_number']);
					$url.="&bill_desc=".urlencode($description);
					$url.="&country=MY";
					$url.="&returnurl=".urlencode($cc_returnurl);
					$url.="&vcode=".$vcode;
					  
				?>
				<div class="dw_failed">Sorry, transaction failed to be make.</div><br>
				
				<table>
					<form method="post" action="os_paymentmethod.php" name="frm1" onSubmit="return frmValidate(this)">
					<td valign="top">
						
						<input type="submit" name="btnsubmit" value="I want to pay via E-banking" class="button"> 
						<input type="hidden" name="paymethod" value="1">
						<input type="hidden" name="id" value="<?= $id ?>">
						
					</td>
					</form>
					<td valign="top">
						
						<input type="submit" name="btnsubmit" value="I want to try again"  class="button" onClick="window.open('<?= $url ?>','_self')"> 
						
					</td>
				</table>
				<?
				 	 } 
				?>
					
				</td>
			
			
			</table>
		</td>
	</tr>
	
</table>
			
			
<? 
	}
	else
	{ 
		header("Location:os_invalid.php");
		die();
	} 
	require("required/footer.php"); 
?>	